A guide to NYDFS Cybersecurity Regulation's March 1 implementation deadline

It’s been almost a year since the New York State Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) came into effect (see our discussion here). Since that time, a series of key dates have marked the implementation of various portions of the regulations, starting with the August 28, 2017 deadline.

Now, as we approach the one-year anniversary of the effective date of the Cybersecurity Regulation, another deadline looms. March 1, 2018 will mark the end of the one-year transitional period, at which time covered entities are required to be in compliance with additional requirements covering the following: